Evenin' good people!
I'm creating a virtual whiteboard application for my third year project at university. The system uses a Flex front-end and a Spring/BlazeDS back-end. I'd say that I'm pretty new to BlazeDS and to Flex, so apologies if anything I say doesn't make a lot of sense.
I'm attempting to implement a (reasonably) secure server push from Spring/BlazeDS to the Flex application, based on groups (whiteboards).
I've discovered that BlazeDS offers a publish/subscribe messaging architecure which includes support for sub-groups. However, I can't find a way of restricting access to particular (password-protected) groups, available only to users pre-authenticated with the system. my system is also using a custom log-in process, mediated through Flex RPC calls.
Additionally, I've considered writing a custom messaging-adapter; however getting this to @autowire with the rest of my project (and a custom authentication system) has proven difficult, and so far I've had little success.
All-in-all, I'm at a little bit of a loss for how to continue. Any help would be greatly appreciated.
If I understand your problem currectly you are trying to implement ' Authorization based subscriptions'. The user can subscribe to a group only if he is authorized to so?
If so, Flex has a concept of 'subtopics' the client subscribes on to a destination with this subtopic. This subscription can be manually managed by extending Adapters in flex. override a couple of methods to do so.
when the client requests for subscribe on this 'subtopic', handle the subscription in the adapter, maintain a list of subscriptions, also there is an overriden method in the same adapter to handle the push of the messages, you can use it to find the authorization of the user and push messages accordingly. (these methods are not invoked by you directly) thre are classes in blazeds to construct the message objects and pushe it to the client i think it is AsyncMessage use this to push.
Its been a long time since I worked on this, I hope you got some direction.